[NNTP] Notes on auxiliary documents

Charles Lindsey chl at clerew.man.ac.uk
Wed Dec 1 03:49:30 PST 2004


In <87is7mof46.fsf at windlord.stanford.edu> Russ Allbery <rra at stanford.edu> writes:

>I would lean towards forgetting all state, since that's the obviously safe
>thing to do from a security standpoint.  I can't figure out the parameters
>of an attack that would exploit this, but I know that it can't be
>exploited if we forget state.

>However, there's MODE READER, and we can't forget that state,
>unfortunately; Mark made that point, and it's accurate.  That state I can
>argue doesn't pose any security issues, however, other than a DoS attack
>(which is generally uninteresting).  I can't make a similar argument about
>all server state.

>It seems to be more in the general spirit of SASL and TLS to discard all
>state after negotiating a security layer.

Yes, but I explained why the usual SASL spirit might not apply to NNTP in
my message of Nov 18th.

Most SASL application are there to prevent the Bad Guy from stealing MY
resources (e.g. money from my bank account). But NNTP is different; SASL
is there for protecting the server's resources from being used by the Bad
Guy. Preserving state across authentication does no harm in that
scenario, whereas _not_ preserving state _does_ do harm in the case I
outlined, where I am suddenly asked to authenticate in the middle of
reading a group because I suddenly encountered an article cross-posted to
some other group with special restrictions on it.

-- 
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131 Fax: +44 161 436 6133   Web: http://www.cs.man.ac.uk/~chl
Email: chl at clerew.man.ac.uk      Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9      Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5



More information about the ietf-nntp mailing list